VirusShare_1d673df68c2ade6507d1cc73ff7dd770

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_1d673df68c2ade6507d1cc73ff7dd770
Size

176KB
MD5

1d673df68c2ade6507d1cc73ff7dd770
SHA1

d0a10c720b429c7cbc6e3db750466f4fea5b81d9
SHA256

05dd387cb0b1ebbc69e51ed37a04acda4ee06d46986fb6a69cb9de18dcd24e60
SHA512

b28b6040cde2054d5a165d1649d2e8e335657dd79bbe92d35e47a67a126337746211c8529cd38d17c958eaa68d9fc96fbefb5761b0e97eb5c87be9a08562a736
SSDEEP

1536:BOdsHh3EoAqi/fRuyJOPHQsotLO8Kd39CTPdlJcM4cswsFHKcJgrR32:BOdAh3vA9fRnIQhM7qbccswQK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_1d673df68c2ade6507d1cc73ff7dd770

Files

VirusShare_1d673df68c2ade6507d1cc73ff7dd770
.dll windows:4 windows x86 arch:x86

b0a0fd894075523d30472ff2e09ed0f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrCSpnA
StrCSpnW

ole32

HWND_UserSize
CLIPFORMAT_UserSize
CoAllowSetForegroundWindow
CoUnmarshalInterface
GetClassFile
OleIsCurrentClipboard
CoGetObject
HPALETTE_UserUnmarshal
PropStgNameToFmtId
MonikerRelativePathTo
CreateClassMoniker
CoTaskMemFree
CoMarshalInterface
CoQueryAuthenticationServices
CreateFileMoniker
HPALETTE_UserMarshal
FreePropVariantArray
PropVariantCopy
StgConvertVariantToProperty
RegisterDragDrop
CoRegisterMallocSpy
HACCEL_UserMarshal
GetRunningObjectTable
HWND_UserMarshal
OleCreateEmbeddingHelper
SNB_UserFree
IsAccelerator
CoRegisterPSClsid
BindMoniker
STGMEDIUM_UserMarshal
SNB_UserMarshal
CoGetTreatAsClass

kernel32

CreateTimerQueue
GlobalMemoryStatusEx
SetInformationJobObject
GlobalFree
GlobalAlloc
GetFileAttributesA
IsValidLanguageGroup
GetTempPathW
DeleteFileA
HeapUnlock
GetSystemWindowsDirectoryW
LeaveCriticalSection
ScrollConsoleScreenBufferA
SetConsoleMode
LocalHandle
MoveFileExA
GetFileInformationByHandle
BackupWrite
GetThreadTimes
GetPrivateProfileSectionNamesA
_hwrite
DefineDosDeviceA
SetPriorityClass
OpenEventA
DeleteCriticalSection
GetSystemTime
_lopen
WriteConsoleInputA
FoldStringW
QueryDosDeviceW
GetCPInfoExW
SetHandleCount
AddAtomW
GlobalAddAtomA
SetSystemPowerState
FindAtomA
SetTimerQueueTimer
CreateHardLinkW
_lread
FindResourceA
GetUserDefaultUILanguage
AssignProcessToJobObject
CreateHardLinkA
CreateFileMappingW
GetNamedPipeHandleStateA
DeleteAtom
PostQueuedCompletionStatus
GlobalUnWire
SetLastError
FindClose
CreatePipe
MulDiv
UnmapViewOfFile
EnumSystemLanguageGroupsA
SetConsoleCtrlHandler
FileTimeToDosDateTime
GetCurrencyFormatW
GetProfileSectionA
lstrcatA
GlobalAddAtomA
UnlockFile

advapi32

GetLengthSid

winmm

waveInClose

Exports

Exports

PrebindingAccessTitle
PrebindingFramework

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0a0fd894075523d30472ff2e09ed0f2

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

advapi32

winmm

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.tls Size: 60KB - Virtual size: 57KB

.reloc Size: 4KB - Virtual size: 16KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.tls
Size: 60KB - Virtual size: 57KB

.reloc
Size: 4KB - Virtual size: 16KB